Microsoft Windows Menu DC Pen Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

April 9, 2024—KB5036909 (OS Build 20348.2402)

April 9, 2024—KB5036909 OS Build 20348.2402 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when n...

CVE-2022-44684

Windows Local Session Manager LSM Denial of Service Vulnerability...

CVE-2022-35759

Windows Local Security Authority LSA Denial of Service Vulnerability...

April 11, 2023—KB5025239 (OS Build 22621.1555)

April 11, 2023—KB5025239 OS Build 22621.1555 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate to find out...

CVE-2022-47632

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...

CVE-2022-45770

Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation...

PT-2023-1136 · Microsoft · Windows Local Security Authority +1

Name of the Vulnerable Software and Affected Versions: Windows Local Security Authority LSA affected versions not specified Description: The issue is related to insufficient access control in the Windows Local Security Authority LSA service, which can be exploited to elevate privileges. This allo...

PT-2022-7227 · Microsoft · Windows Local Session Manager +1

Name of the Vulnerable Software and Affected Versions: Windows Local Session Manager LSM affected versions not specified Description: The issue exists due to insufficient input validation in the Windows Local Session Manager component. Exploitation of this issue may allow a remote attacker to cau...

CVE-2022-37973

Windows Local Session Manager LSM Denial of Service Vulnerability...

Microsoft Windows Local Session Manager (LSM) 资源管理错误漏洞

Microsoft Windows is a set of operating systems for personal devices from the U.S. Microsoft Windows Local Session Manager LSM has a denial-of-service vulnerability that can be exploited by attackers to launch denial-of-service attacks...

PT-2022-5426 · Microsoft · Windows Local Session Manager +1

Name of the Vulnerable Software and Affected Versions: Windows Local Session Manager affected versions not specified Description: The issue is related to insufficient input validation in the Windows Local Session Manager component of the Windows operating system. This can be exploited by a remote...

PT-2022-4335 · Microsoft · Windows Local Security Authority +1

Name of the Vulnerable Software and Affected Versions: Windows Local Security Authority LSA affected versions not specified Description: The issue is related to insufficient input validation in the Local Security Authority LSA service of the Microsoft Windows operating system. It can be exploited...

CVE-2022-34006

An issue was discovered in TitanFTP aka Titan FTP NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\Users as sysadmin, thus enabling unprivileged Windows users to execute commands locally as NT...

VulnCheck KEV: CVE-2021-36942

Microsoft Windows Local Security Authority LSA contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM...

PT-2021-3785

Name of the Vulnerable Software and Affected Versions Microsoft Windows Local Security Authority LSA versions are affected, but specific versions are not provided in the input data. Description A spoofing issue allows attackers to affect the system. The problem is related to the Local Security...

CVE-2021-33788

Windows LSA Denial of Service Vulnerability...

Palo Alto Networks Cortex XDR Agent Security Vulnerability

Palo Alto Networks Cortex XDR Agent is a client software from Palo Alto Networks Malaysia used to check the security of client devices. A security vulnerability exists in Cortex XDR Agent that arises from improper handling that allows a local authenticated Windows user to create files in the...

Exploit for Improper Resource Shutdown or Release in Microsoft

CVE-2018-8120 CVE-2018-8120 Windows LPE exploit Supports both x32 and x64. Tested on: Win7 x32, Win7 x64, Win2008 x32, Win2008 R2 x32, Win2008 R2 Datacenter x64, Win2008 Enterprise x64. Usage shell CVE-2018-8120 exploit by @unamerhttps://github.com/unamer Usage: exp.exe command Example: exp.exe...

CVE-2013-10046

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/agnitumoutpostacs.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...